-
Notifications
You must be signed in to change notification settings - Fork 26
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Vulnerability found on latest version of json-as-xlsx #74
Comments
please fix this. simply update your dependencies to use the CDN - SheetJS/sheetjs#2822 (comment)
|
related, is this package still being maintained? |
@LuisEnMarroquin can you help with fix the issue? PR #77 for this is already published and waiting for merging. |
@LuisEnMarroquin Please, accept the PR. |
Hello there, sorry, it was a long time since I modified this project It should be solved by this PR: #88 Can you help me review it? Thanks in advance |
Thank you for this fix @LuisEnMarroquin. |
Summary
There are vulnerability found in the json-as-xlsx version 2.5.3 due to xlsx.
Possible Solution
Updating the xlsx dependency to patched version: 0.19.3
Context
More information about CVE is here: GHSA-4r6h-8v6p-xvw6
The text was updated successfully, but these errors were encountered: